翻訳と辞書 |
layered security : ウィキペディア英語版 | layered security
Layered security, also known as layered defense, describes the practice of combining multiple mitigating security controls to protect resources and data. The term bears some similarity to defense in depth, a term adopted from a military strategy that involves multiple layers of defense that resist rapid penetration by an attacker but yield rather than exhaust themselves by too-rigid tactics. As the incursion progresses, resources are consumed and progress is slowed until it is halted and turned back. The information assurance use of the term "defense in depth" assumes more than merely technical security tools deployment; it also implies policy and operations planning, user training, physical access security measures, and direct information assurance personnel involvement in dealing with attempts to gain unauthorized access to information resources. Within a defense in depth security strategy, layered security is regarded by some as merely a delaying tactic used to buy time to bring security resources to bear to deal with a malicious security cracker's activities. == Philosophy ==
Layered security is an example of the Swiss Cheese model (or "cumulative act effect"), used in risk analysis and risk management. In this model, security systems are likened to multiple slices of swiss cheese, stacked side by side, in which the risk of a threat becoming a reality is mitigated by the fact that it must pass through "holes" in the defenses (i.e. not be trapped and detected by each different defense), and these defenses are of different kinds, and locations that are "layered" behind each other. Therefore in theory, lapses and weaknesses in one defense do not easily allow a risk to materialize, since other defenses also exist, to prevent a single point of weakness.
抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「layered security」の詳細全文を読む
スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース |
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.
|
|